The security week that was: 10/24/08

A weekly surveillance of news shaping your profession


Show me your papers, comrade!

Ever been hassled at the airport? If not, then ask Kevin Mitnick about his experience before the ASIS show last month. Kevin is a former hacker turned security researcher and penetration tester who was sequestered by the CBP and ICE when he was flying into Atlanta to speak at that ASIS show. Fortunately, most people don't get the level of scrutiny that Kevin was subjected to. He was carrying a prox card sniffer/spoofer and a full lock-picking set that he was using as props for his keynote presentation during the show. His business card also happens to be a condensed lock-picking set. He had something like three or four cell phones in his bag. And multiple laptops. And he also had a little unit that can steal cellular phone address books via Bluetooth connectivity.

And while most of us don't carry the red-flag-raising tools that Kevin had with him, plenty of citizens have found themselves being questioned because they shared the same name as someone on the Do-Not-Fly list. Now the Department of Homeland Security is taking action to help correct that.

They announced that in 2009, flyers will need to provide their full name and date of birth to the airline. This information will then be cross-referenced to info on the assorted "watch" lists, and the eventual goal is that John Jones the retiree wouldn't be pulled aside because he was thought to be John Jones the terrorist supporter. This is a very small invasion of privacy, but not one that would bother most Americans. I think we'd gladly provide our full name and date of birth if it means we aren't accidentally thought to be someone we're not.

New technology for video storage
TimeSight Systems comes to market

I was up this week at the IQsummit 2008, an event from IQinVision in Philadelphia, Penn. You can read my report on that event, which includes some of the thoughts I collected on network video and megapixel surveillance. You can also enjoy a new SIW Radio podcast about video lifecycle management.

On Tuesday, just before they attended the IQsummit, TimeSight Systems unveiled itself to the industry with the ability to manage how we store video surveillance. The company's core technology is that it can be set up such that full resolution streams are saved for the first time period; then the stream can be lowered (repeatedly if needed) in terms of file size/compression. So imagine keeping full, high-res video for the first week. Then you could compress that video even further after a week (since you probably won't need the video for evidentiary purposes if you haven't had a report of an incident in that first week) so that you can store even more video on a single NVR. The company's product is available as an NVR now, but I sensed that the company may be able to license out this patented technology to other video storage products competitors. The full interview is available in the podcast.

In other news
Beyond IT products distribution; JC buys Gridlogix; bank letters; more...

It worked in the U.S. for companies like ScanSource, BlackBox and Anixter, which now deliver physical security products in addition to a full complement of IT and networking products. Now that same concept is being tested in the UK. Computerlinks, a distributor of IT products across Europe, is now moving into physical security products. The reason for this shift? Some 60 percent of VARs who were using Computerlinks wanted to get into the converged data and physical security market.

This content continues onto the next page...